This Privacy Notice and Cooky Notice ('Notices') for Pontem BV, registered in Belgium with business registration number BE 0789.300.084, sets out the data processing practices and your rights and options regarding how your personal information is used. The Dutch and English versions of these Notices are identical. In case of doubt, the Dutch version prevails.
​
The use of 'we' in these notices refers to subcontractors and service providers that can work on a Pontem assignment. They are always expected to be GDPR compliant and work in accordance with the provisions of these notices.
​
We are fully committed to legal compliance (incl. the General Data Protection Regulation, EU 2016/679, GDPR) and protecting and respecting the privacy of individuals at all times.
Privacy Notice
-
Why do we collect personal information?
The collection, processing and storage of personal information are sometimes necessary. Your personal information, however, provided to us, may be used for the following purposes in line with the appropriate GDPR provisions:
​
-
to provide our services in the best possible manner;
-
to provide you with services, products or information you have requested;
-
to provide further information about our work, services, activities or products;
-
to enable you to participate in projects, campaigns, events etc.;
-
to answer your questions/requests and communicate with you in general;
​
-
to enable you to support projects and organisations with a societal impact, in which you are possibly interested;
-
to analyse and improve our work, services, activities, products or information (including our website);
-
to report on the impact and effectiveness of our work
-
to run/administer our website, keep the website safe and secure and ensure that content is presented most effectively for you and your device;
-
to audit and/or administer our accounts;
-
to satisfy (binding) legal obligations from regulatory, government and/or law enforcement bodies;
-
due diligence purposes and the prevention of fraud or misuse of our services;
-
for the establishment, defence and/or enforcement of legal claims.
​
2. How do we obtain personal information?
We only collect and retain the minimum amount of information that we need for a purpose outlined in article 1 and always in line with the six principles outlined in article five of the GDPR. There are several ways via which we may collect personal data.
-
When you give it to us
​For example, personal information that you give by contacting us by email, phone, messaging service or letter.
-
When we obtain it
​For example, your personal information may be shared with us by third parties, including (non-profit) clients, business providers, analytics providers and search information providers.
-
When it is available
​Your personal information may be available to us from external publicly available sources like social media services (respecting your privacy settings), news websites, Official Gazette (Staatsblad) etc.
-
When you visit www.pontem.be
The website does not have any cookies that collect or store personally identifiable information about you. You can find
more information in the Cooky Notice below.
In general, we may combine your personal information from these different sources for the purposes set out in this Notice.
3. What personal information can be processed?
We may collect, store and otherwise process the following kinds of personal information:
a. your name and contact details, including postal address, telephone number, email address and, where applicable, social media profiles;
b. information about your computer/mobile device and your visits to and use of this website, including, for example, your IP address and geographical location;
c. information about our services which you use;
d. any personal data that you provide to us, or is legally available to us as per clause 2, and strictly necessary for the provision of our services or our business operations;
e. data necessary for processing invoices;
e. Any other personal data relating to you that you provide to us.
​
4. Do we process special categories of personal information?
The General Data Protection Regulation ('GDPR') recognises certain categories of personal information as sensitive and therefore requiring more protection, for example, information about your ethnicity, religion and political opinions.
In certain situations, we may collect and/or use these special categories of your personal information. For example, to determine if your values match ours, or those of our clients, before entering into (grant) agreements and partnerships. We will only process these special categories of your personal information if there is a valid reason for doing so and where the GDPR allows us to do so.
5. How long do we keep your personal information?
In general, unless still required in connection with the purpose(s) for which it was collected and/or processed, we remove your personal information from our records five years after the date it was collected. Your data will be removed before that date if;
-
your personal information is no longer required in connection with such purpose(s);
-
we are no longer lawfully entitled to process it;
-
you validly exercise your right of erasure (please see section 12 below);
To have your data removed, send an email to hans@pontem.be. If you request to receive no further communication from us, then we will only keep your name and email on our suppression list to comply with your request and avoid unwanted communication in the future.
6. Lawful bases
The GDPR outlines six lawful bases to process your personal information. One or more of the following four lawful bases apply to your data, for us to collect or store personal information:
a. Where you have provided your consent for us to use your personal information in a certain way;
b. Where necessary so that we can comply with a legal obligation to which we are subject;
c. Where necessary for the performance of a contract to which you are a party;
d. Where there is a 'legitimate interest' in us doing so.
7. Legitimate interests
The GDPR allows us to collect and process your personal information if it is reasonably necessary to achieve our own, or our clients', legitimate interests (as long as that processing is fair, balanced and does not unduly impact your rights).
When we process your personal information to achieve such legitimate interests, we always consider and balance any potential impact on you (both positive and negative) and your rights under data protection laws. We will not use your personal information for activities where our interests are overridden by the impact on you, for example, where use would be excessively intrusive.
8. Will we share your personal information?
​
We avoid sharing personal information, but it may be necessary for us to provide third parties with access to your personal data in some instances. We always strive for minimal access and only to data strictly necessary. The following is a non-exhaustive list of such third parties:
​
-
third parties relevant to the services we provide, such as subcontractors;
​
-
third parties relevant for compliance with our legal obligations;
​
-
external suppliers in connection with the processing of your personal data for the purposes described in this Privacy and Cookie Notice, such as ICT suppliers;
​
-
communication service providers or other suppliers to whom we outsource certain support services (legal advice, accountancy).
​
The transfer of your personal information to the above third parties only takes place for the purposes mentioned in these Notices. Third parties to whom we provide your personal information must be responsible for compliance with privacy laws. In that case, we are neither responsible nor liable for the processing of your personal information by these third parties. To the extent that a third party processes your personal information in the capacity of processor for us and thus acts in accordance with our requests and instructions, we enter into a processor agreement with this third party that meets the requirements described in the GDPR.
​
9. Security/ storage of and access to your personal information
We are committed to keeping your personal information safe and secure, and we have appropriate and proportionate security policies and organisational and technical measures in place to help protect your information. In general, the personal information that we collect from you will be stored at a destination within the European Economic Area ('EEA') or the UK. However, your personal information may sometimes be transferred or stored outside the EEA.
Please note that some countries outside of the EEA may have a lower standard of protection for personal information, including lower security requirements and fewer rights for individuals. Where your personal information is transferred, stored or otherwise processed outside the EEA in a country that does not offer an equivalent standard of protection to the EEA, we will take all reasonable steps necessary to ensure that the recipient implements appropriate safeguards (such as by entering into standard contractual clauses) designed to protect your personal information and to ensure that your personal information is treated securely and in accordance with this Notice.
Unfortunately, no transmission of your personal information over the internet can be guaranteed to be 100% secure. However, once we have received your personal information, we will use strict procedures and security features to try and prevent unauthorised access.
10. Exercising your Rights
a. Right of access – you can write to us to ask for confirmation of what personal information we hold about you and request a copy of that information. Provided we are satisfied that you are entitled to see the information requested, and we have successfully confirmed your identity, then we will provide you with your personal information.
b. right of erasure – at your request and where you are entitled to, we will delete your personal information from our records.
c. right of rectification – if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated. You can also ask us to check the personal information we hold about you if you are unsure whether it is accurate/ up to date.
d. Right to restrict processing – you have the right to ask for processing your personal information to be restricted if there is disagreement about its accuracy or legitimate usage.
e. Right to object – you have the right to object to processing where we are
-
(i) processing your personal information based on the legitimate interests ground;
​
-
(ii) using your personal information for direct marketing;
​
-
(iii) using your information for research or statistical purposes.
f. Right to data portability – to the extent required by the GDPR, where we are processing your personal information by automated means and either
-
(i) because we have obtained your consent;
​
-
(ii) because such processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into a contract, you may ask us to provide your personal information to you – or another service provider – in a machine-readable format.
g. Rights related to automated decision-making – you have the right not to be subject to a decision based solely on automated processing of your personal information, which produces legal or similarly significant effects on you unless such a decision
-
(i) is necessary to enter into/ perform a contract between you and us/ another data controller;
-
(ii) is authorised by EU or Member State law to which we are subject (as long as that law offers you sufficient protection);
​
-
(iii) or is based on your explicit consent. We may ask you for additional information to confirm your identity and for security purposes before disclosing personal information to you.
Please note that some of these rights only apply in limited circumstances. For more information, we suggest that you contact us using the details in clause 13 below.
If you have a question or complaint about our collection, processing or storage of personal data, then we kindly request that you contact us first (details in Article 13). You are further entitled to make a complaint about us or how we have processed your data to the data protection supervisory authority in your home country. In Belgium, this is the Gegevensbeschermingsautoriteit. For further information on how to exercise this right, please contact us using the details below.
​
11. Changes to these Notices
​
We may update these Notices from time to time, so please check back periodically. We will notify you of significant changes by contacting you directly and placing a notice on our website. These Notices were last updated on the 22nd of April 2021.
​
12. Links and third parties
We link our website directly to other sites. This Notice does not cover external websites, and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy notices of any external websites you visit via links on our website.
13. Contact
​
Please let us know if you have any questions or concerns about this Notice or about how we process your personal information by contacting us:
Contact person: Hans Lenders
Cooky Notice
​
Like virtually all websites, also www.pontem.be uses cookies to enhance the performance and monitor usage. No data is collected or stored that can identify you personally.
14. What are cookies?
Cookies are small, often encrypted text files located in browser directories. Web developers use them to help users navigate their websites efficiently and perform certain functions. If you like to learn more about cookies, please visit the ICO website: https://ico.org.uk/for-the-public/online/cookies
15. What are the different types of cookies?
Four types of cookies can be distinguished based on their use.
-
Strictly necessary cookies
These cookies are essential to enable you to move around the website and use its features.
-
Performance cookies
These cookies collect information about how visitors use a website, for instance, which pages visitors go to most often, and if they get error messages from web pages. These cookies don't collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works.
-
Functional cookies
These cookies allow a website to remember choices you make (such as your language or the region you are in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for, such as watching a video or commenting on a blog. The information these cookies collect may be anonymised, and they cannot track your browsing activity on other websites.
-
Targeting cookies
These cookies are used to deliver adverts more relevant to you and your interests. This website does not use any targeting cookies or adverts.
16. Which (types) of cookies are used on this website?
The table below lists the cookies used on www.pontem.be
XSRF-TOKEN
Type: essential / strictly necessary
Duration: session
Purpose: security purposes
​
hs
Type: essential / strictly necessary
Duration: session
Purpose: security purposes
svSession
Type: essential / strictly necessary
Duration: 2-years
Purpose: This cookie is set by the provider Wix.com. This cookie used in connection with user login.
​
ssr-caching
Type: essential / strictly necessary
Duration: 1 minute
Purpose: WIX - Indicates how a site was rendered.
TS01e85bed
Type: essential / strictly necessary
Duration: session
Purpose: security
TS0171cbad
Type: essential / strictly necessary
duration: session
Purpose: security
bSession
Type: essential / strictly necessary
Duration: 30 minutes
Purpose: Used for system effectiveness measurement.
​
_gat_gtag_UA_158782080_1
Type: performance
Duration: 1 hour
Purpose: Google Analytics installs this cookie to store & track conversions.
_ga
Type: performance
Duration: 2 years
Purpose: Google Analytics installs this cookie. The cookie is used to calculate visitor, session, campaign data and track site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
​
_gid
Type: performance
Duration: 1 day
Purpose: Google Analytics installs this cookie. The cookie is used to store information on how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected in an anonymous form includes the number of visitors, the source they have come from, and the pages visited.
​
wixLanguage
Type: functional
Duration: 12 months
Purpose: Used on multilingual websites to save user language preference.
17. How can I block cookies (be aware, this may affect the performance of the website)?
​
If you wish to restrict or block the cookies set by our website or any other website, you can do this through your browser settings. The 'help' function within your browser should tell you how. The following links also explain how to access cookie settings in various browsers:
​
​
Alternatively, you may wish to visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of browsers. You will also find details on how to delete cookies from your machine and more general information about cookies. Please be aware that restricting cookies may have an impact on the functionality of our website.
​
​